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THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 
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- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )S Responsive to communication(s) filed on 27 December 2004 . 
2a)^ This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 
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4) ^ Claim(s) 1-18 is/are pending in the application. 
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6) ^ Claim(s) 1-18 is/are rejected. 
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8) D Claim(s) are subject to restriction and/or election requirement. 
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10)13 The drawing(s) filed on 30 August 2001 is/are: a)KI accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121(d). 
1 !)□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
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application from the International Bureau (PCT Rule 17.2(a)). 
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Attachment(s) 

1) ^ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Pa P er No(s)/Mail Date. . 

3) □ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 5 > □ Notice of Informal Patent Application (PTO-152) 

Paper No(s)/Mail Date . 6) □ Other: . 



U.S. Patent and Trademark Office 
PTOL-326 (Rev. 1-04) 



Office Action Summary 



Part of Paper No./Mail Date 20050225 



Application/Control Number: 09/943,61 8 Page 2 

Art Unit: 2131 

Response to Amendment 

This office action is responsive to Applicant's amendment received on December 
27, 2004. Claims 1,15, and 17 have been amended. Claims 1-18 remain pending. 

Response to Arguments 

Applicants arguments filed on December 27, 2004 have been fully considered 
but they are not persuasive. 

Applicant argues that "Barkley fails to teach assigning a name to an identified 
group of permitted actions on selected resources, and then associating subjects with 
that named group". 

Examiner responds that Barkley discloses an access control mechanism 
whereby roles are created based on responsibilities, and roles are associated with 
permissions necessary to those responsibilities (i.e., permitted actions on selected 
resources), and roles are associated with individuals. Barkley also discloses security 
attributes, which are descriptions of the affiliations between users and their authorized 
roles, or between permissions and the authorized operations on specified objects (i.e., 
group of permitted actions on selected resources)(Col. 6, lines 40-67). 

Barkley further discloses associating roles/groups (i.e., subjects) with different 
Object Access Types (i.e., groups of permitted actions on selected resources) based on 
varying responsibilities for different groups of employees (Col. 1 1 , lines 10-67 and Col. 
12, lines 1-50). Barkley also discloses different levels of access or permissions to a set 
of files or objects assigned to different roles. It accomplishes the same purpose as 
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assigning different groups of permitted actions on selected resources and associating 
them with different subjects/roles (i.e., users, or groups of users, or roles associated 
with users, or groups of users)(Col. 5, lines 5-15). 

Examiner respectfully maintains the rejection formulated on September 22, 2004 
as follows: 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-18 are rejected under 35 U.S.C. 102(b) as being anticipated by Barkley 
et al., (U.S. Patent No. 6,202,066 and Barkley hereinafter). 

Regarding claims 1,15, and 17, Barkley discloses a method of improving 
security policy administration and enforcement using a role permission model, 
comprising steps of: 

identifying one or more groups of permitted actions on selected resources, 
assigning a name to each identified group, defining each assigned name to a security 
system as a security object, and associating subjects with each assigned name (Col. 6, 
lines 32-67 and Col. 7, lines 1-67 and Col. 8, lines 1-43). 
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Regarding claim 2, Barkley discloses wherein the assigned name is a role name 
(Col. 4, lines 54-67 and Col. 5 t lines 1-5). 

Regarding claims 3-12, Barkley discloses wherein the selected resources are 
any resource that is expressible to the security system and the permitted actions are 
selected from a set of actions that are permitted on those resources (Col. 1 , lines 18-67 
and Col. 2, lines 1-67 and Col. 3, lines 1-53). 

Regarding claims 13, 16, and 18, Barkley discloses further comprising the steps 

of: 

receiving an access request for a particular one of the selected resources, 
determining one or more roles which are required for accessing the particular resource, 
determining an identity of a source of the access request, for each of the required 
roles, until obtaining a successful result or exhausting the required roles, determining 
whether the identity of the source is associated with the required role, and authorizing 
access to the particular resource only if the successful result was obtained (Col. 10, 
lines 45-67 and Col. 11-12, lines 1-67 and Col. 13, lines 1-50). 

Regarding claim 14, Barkley discloses wherein the step of determining the one or 
more roles further comprises consulting a collection created from the identified 
permitted actions on the particular resource (Col. 6, lines 55-67 and Col. 7, lines 1-48). 
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Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Moran etal., (U.S. Publication No. 2003/0088786), 
Deinhart et al., (U.S. Patent No. 5,91 1 ,143), and 
Andrews et al., (U.S. Publication No. 2003/0115487). 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Arezoo Sherkat whose telephone number is (571 ) 272- 
3796. The examiner can normally be reached on 8:00-4:30 Monday-Friday. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571 ) 272-3795. The fax phone number for 



Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



the organization where this application or proceeding is assigned is 703-872-9306. 




Arezoo Sherkat 
Patent Examiner 
Group 2131 
Feb. 25, 2005 




